Fake Claude Code Installers Deliver Credential-Stealing Malware

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...
Crypto Briefing

Crossmint launches Visa powered card payments API for AI agents

Crossmint launched a Visa powered API that lets developers enable AI agents to make card payments with tokenized credentials.
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.
CoinDesk

Kraken unveils Bitcoin Vault, expanding yield push for BTC holders

The new earn product lets users generate BTC-denominated rewards through DeFi strategies while keeping exposure to bitcoin’s ...
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, this time targeting the widely-used AntV enterprise data visualization tool.